Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2007-02-02 | CVE-2007-0667 | | The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872. | network, low complexity, ledgersmb, sql-ledger | 6.5 |
| 2007-02-02 | CVE-2007-0666 | Remote Security vulnerability in Ipswitch WS FTP Server 5.04 | Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module. | network, ipswitch | 6.8 |
| 2007-02-02 | CVE-2007-0665 | Unspecified vulnerability in Ipswitch WS FTP PRO 2007 | Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command. | network, ipswitch | 6.8 |
| 2007-02-02 | CVE-2007-0459 | Protocol Denial of Service vulnerability in Wireshark 0.99.2/0.99.3/0.99.4 | packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets. | network, low complexity, wireshark | 5.0 |
| 2007-02-02 | CVE-2007-0458 | Protocol Denial of Service vulnerability in Wireshark 0.99.3/0.99.4 | Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468. | network, wireshark | 4.3 |
| 2007-02-02 | CVE-2007-0457 | Protocol Denial of Service vulnerability in Wireshark | Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | network, wireshark | 4.3 |
| 2007-02-02 | CVE-2007-0456 | Protocol Denial of Service vulnerability in Wireshark 0.99.3/0.99.4 | Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | network, wireshark | 4.3 |
| 2007-02-01 | CVE-2007-0661 | Remote Denial of Service vulnerability in Intel Southbridge 2 Baseboard Management Controller | Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller before 20070119, when Intelligent Platform Management Interface (IPMI) is enabled, allow remote attackers to connect and issue arbitrary IPMI commands, possibly triggering a denial of service. | | 5.4 |
| 2007-02-01 | CVE-2007-0660 | Cross-Site Scripting vulnerability in Dotnetnuke Iframe 03.02.00 | Cross-site scripting (XSS) vulnerability in the IFrame module before 03.02.01 for DotNetNuke (DNN) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "Pass through values." | network, dotnetnuke | 6.8 |
| 2007-02-01 | CVE-2007-0658 | Unspecified vulnerability in Drupal and Textimage | The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $_SESSION. | network, low complexity, drupal | 5.0 |